feat(ai-sdk): ePrivacy/cookie topic — §25 TDDDG co-primary for cookie questions
CI / detect-changes (pull_request) Successful in 12s
CI / branch-name (pull_request) Successful in 2s
CI / guardrail-integrity (pull_request) Successful in 9s
CI / secret-scan (pull_request) Successful in 9s
CI / dep-audit (pull_request) Failing after 57s
CI / sbom-scan (pull_request) Failing after 58s
CI / build-sha-integrity (pull_request) Successful in 5s
CI / validate-canonical-controls (pull_request) Successful in 5s
CI / loc-budget (pull_request) Successful in 19s
CI / go-lint (pull_request) Successful in 40s
CI / python-lint (pull_request) Failing after 14s
CI / nodejs-lint (pull_request) Failing after 1m8s
CI / nodejs-build (pull_request) Successful in 3m1s
CI / test-go (pull_request) Successful in 1m0s
CI / iace-gt-coverage (pull_request) Successful in 17s
CI / test-python-backend (pull_request) Successful in 23s
CI / test-python-document-crawler (pull_request) Successful in 15s
CI / test-python-dsms-gateway (pull_request) Successful in 13s
CI / detect-changes (pull_request) Successful in 12s
CI / branch-name (pull_request) Successful in 2s
CI / guardrail-integrity (pull_request) Successful in 9s
CI / secret-scan (pull_request) Successful in 9s
CI / dep-audit (pull_request) Failing after 57s
CI / sbom-scan (pull_request) Failing after 58s
CI / build-sha-integrity (pull_request) Successful in 5s
CI / validate-canonical-controls (pull_request) Successful in 5s
CI / loc-budget (pull_request) Successful in 19s
CI / go-lint (pull_request) Successful in 40s
CI / python-lint (pull_request) Failing after 14s
CI / nodejs-lint (pull_request) Failing after 1m8s
CI / nodejs-build (pull_request) Successful in 3m1s
CI / test-go (pull_request) Successful in 1m0s
CI / iace-gt-coverage (pull_request) Successful in 17s
CI / test-python-backend (pull_request) Successful in 23s
CI / test-python-document-crawler (pull_request) Successful in 15s
CI / test-python-dsms-gateway (pull_request) Successful in 13s
The TDDDG (ex-TTDSG) pilot revealed §25 TDDDG (terminal-equipment / cookie consent) ranked #3 on a cookie query — the subsidiarity rule demoted it as DE law subsidiary to the DSGVO, but TDDDG is lex specialis (ePrivacy) for cookies. Topic-based fix (NOT blanket TDDDG > DSGVO): - cookie/ePrivacy topic (cookie/endeinrichtung/endgeraet/tracking -> §25 TDDDG) so it is co-primary (topic-matched -> topicGain, no subsidiarity demote). - TDDDG/TTDSG added to the data_protection domain (chunkDomain recognition). - cookie-specific keywords (NOT bare 'Einwilligung') so a general consent question still resolves to Art. 7 DSGVO. Acceptance on the DSGVO+BDSG+TDDDG build: cookie -> §25 TDDDG top-1; Rechtsgrundlage -> DSGVO; DSB -> Art.37+§38 BDSG (not TDDDG); degraded=0, must_not=0. go build/vet/test green; 2 new table tests. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
@@ -110,9 +110,10 @@ type domainDef struct {
|
|||||||
// Deterministic order (slice, not map) — important for stable classification + tests.
|
// Deterministic order (slice, not map) — important for stable classification + tests.
|
||||||
var domains = []domainDef{
|
var domains = []domainDef{
|
||||||
{"data_protection",
|
{"data_protection",
|
||||||
[]string{"DSGVO", "GDPR", "BDSG", "EDPB", "DSK", "BfDI", "BayLfD", "DPF"},
|
[]string{"DSGVO", "GDPR", "BDSG", "TDDDG", "TTDSG", "EDPB", "DSK", "BfDI", "BayLfD", "DPF"},
|
||||||
[]string{"personenbezogen", "betroffene", "datenschutz", "datenschutzbeauftrag", "dsb",
|
[]string{"personenbezogen", "betroffene", "datenschutz", "datenschutzbeauftrag", "dsb",
|
||||||
"datenpanne", "auskunft", "loesch", "lösch", "einwilligung", "besondere kategorien", "auftragsverarbeit"}},
|
"datenpanne", "auskunft", "loesch", "lösch", "einwilligung", "besondere kategorien", "auftragsverarbeit",
|
||||||
|
"cookie", "endeinrichtung", "endgerät", "endgeraet", "tracking"}},
|
||||||
{"cyber",
|
{"cyber",
|
||||||
[]string{"CRA", "NIS2", "NIS-2", "ENISA", "DORA", "EUCC"},
|
[]string{"CRA", "NIS2", "NIS-2", "ENISA", "DORA", "EUCC"},
|
||||||
[]string{"security update", "sicherheitsupdate", "sicherheitsaktualisierung", "schwachstelle", "sbom",
|
[]string{"security update", "sicherheitsupdate", "sicherheitsaktualisierung", "schwachstelle", "sbom",
|
||||||
@@ -200,6 +201,11 @@ var topics = []topicDef{
|
|||||||
{[]string{"bussgeld", "geldbusse"}, []string{"Art. 83"}},
|
{[]string{"bussgeld", "geldbusse"}, []string{"Art. 83"}},
|
||||||
{[]string{"security update", "sicherheitsupdate", "schwachstelle", "sbom", "cybersicherheitsanforderung"}, []string{"CRA Anhang I"}},
|
{[]string{"security update", "sicherheitsupdate", "schwachstelle", "sbom", "cybersicherheitsanforderung"}, []string{"CRA Anhang I"}},
|
||||||
{[]string{"meldepflicht", "sicherheitsvorfall"}, []string{"Art. 14 CRA"}},
|
{[]string{"meldepflicht", "sicherheitsvorfall"}, []string{"Art. 14 CRA"}},
|
||||||
|
// ePrivacy / cookies: § 25 TDDDG (ex-TTDSG) is lex specialis for terminal-equipment access /
|
||||||
|
// cookie consent. Co-primary on a cookie/tracking query, so the subsidiarity rule does NOT
|
||||||
|
// demote it like general-DP DE law subsidiary to the DSGVO. Keywords are cookie-specific
|
||||||
|
// (NOT bare "Einwilligung") so a general consent question still resolves to Art. 7 DSGVO.
|
||||||
|
{[]string{"cookie", "endeinrichtung", "endgerät", "endgeraet", "tracking", "speicherung von informationen", "zugriff auf informationen"}, []string{"§ 25 TDDDG"}},
|
||||||
}
|
}
|
||||||
|
|
||||||
// resultMatchesTopic reports whether the result is a preferred norm of a topic the query hits.
|
// resultMatchesTopic reports whether the result is a preferred norm of a topic the query hits.
|
||||||
|
|||||||
@@ -123,6 +123,28 @@ func TestRerankByAuthority_Acceptance(t *testing.T) {
|
|||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
t.Run("ePrivacy: a cookie query lifts §25 TDDDG above DSGVO consent (lex specialis topic)", func(t *testing.T) {
|
||||||
|
in := []LegalSearchResult{
|
||||||
|
bindingRes("Art. 7 DSGVO", "DSGVO", "EU", 0.70), // higher semantic
|
||||||
|
bindingRes("§ 25 TDDDG", "TDDDG", "DE", 0.66),
|
||||||
|
}
|
||||||
|
out := rerankByAuthority("Wann ist eine Einwilligung fuer das Speichern von Cookies auf Endgeraeten erforderlich?", in)
|
||||||
|
if out[0].RegulationShort != "TDDDG" {
|
||||||
|
t.Fatalf("§25 TDDDG must win a cookie question (lex specialis topic), got %q", out[0].ArticleLabel)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
t.Run("a general consent question still resolves to DSGVO, not §25 TDDDG", func(t *testing.T) {
|
||||||
|
in := []LegalSearchResult{
|
||||||
|
bindingRes("§ 25 TDDDG", "TDDDG", "DE", 0.70), // higher semantic but no cookie topic
|
||||||
|
bindingRes("Art. 7 DSGVO", "DSGVO", "EU", 0.66),
|
||||||
|
}
|
||||||
|
out := rerankByAuthority("Welche Anforderungen gelten an eine wirksame Einwilligung?", in)
|
||||||
|
if out[0].RegulationShort != "DSGVO" {
|
||||||
|
t.Fatalf("a general consent question must resolve to DSGVO (TDDDG demoted), got %q", out[0].ArticleLabel)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
t.Run("co-primary dp_01: BDSG §38 stays top on a DSB question (national special rule)", func(t *testing.T) {
|
t.Run("co-primary dp_01: BDSG §38 stays top on a DSB question (national special rule)", func(t *testing.T) {
|
||||||
in := []LegalSearchResult{
|
in := []LegalSearchResult{
|
||||||
bindingRes("§ 38 BDSG", "BDSG", "DE", 0.66),
|
bindingRes("§ 38 BDSG", "BDSG", "DE", 0.66),
|
||||||
|
|||||||
Reference in New Issue
Block a user